Diocese of Manchester

Laptop with USB stick. Photo by Brina Blum on Unsplash

GDPR for parishes

The General Data Protection Regulation (GDPR) will take effect in the UK from 25 May 2018. It replaces the existing law on data protection (the Data Protection Act 1998) and gives individuals more rights and protection in how their personal data is used by organisations. Parishes must comply with its requirements, just like any other charity or organisation.

Information and resources have been developed for parishes to help ensure you are compliant. They can be found at www.parishresources.org.uk/gdpr/

Below are links to information that your parish needs to know about.

A brief guide to data protection for PCC members.

Parish privacy notices

What personal data does your parish hold? Doing an audit

Sending out a parish newsletter (by post or email), Do you have consent?

Keep it or bin it? How long can we keep personal data?

Can we publish our Electoral Roll?

Storing data securely

Is your computer secure? Who has access to your computer? Anti-virus? Firewall? Up to date operating system? If it is store in the cloud, is the service provided from servers in the EU or countries with adequate safeguards?

How Manchester DBF uses your information

The Privacy Notice - MDBF outlines how we use and safeguard the information we hold about you.

The Church of England Diocese of Manchester,
Church House,
90 Deansgate,
Manchester M3 2GH

Manchester DBF Company number 149999, Charity number 249424
Telephone: 0161 828 1400